runZero Discovers all IP-Addressable Assets and Proves Active Scanning is Safe for Operational Technology in NREL/CECA Testing:
https://www.runzero.com/newsroom/runzero-discovers-all-ip-addressable-assets-and-proves-active-scanning-is-safe-for-operational-technology-in-nrel-ceca-testing/
home > posts
A more coherent[1] explanation of Blue Friday:
https://www.youtube.com/watch?v=y8OnoxKotPQ
1.The less clear version is at https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
I'm stoked to announce that @rk and I are speaking at @defcon DEF CON 32 on Friday at 1:00pm. Our talk, `sshamble: Unexpected Exposures in the Secure Shell` covers lesser-known tricks for making remote secure shells into your shells.
https://defcon.org/html/defcon-32/dc-32-speakers.html#54452
Also, DEF CON's deadline for materials is midnight and our servers are working as hard as they can to pull the necessary data.
my favorite quasi-backdoor SSH capability (today) is ""Russia URAL Special Auth Feature""
alias ffssh="ssh -oStrictHostKeyChecking=no -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-rsa -oCiphers=+3des-cbc"
Today is a big day for OpenSSH patching: https://www.runzero.com/blog/openssh-servers/
Amazing work as always by the Qualys security research team, you can find the full advisory on "regreSSHion" at https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
The OpenSSH release notes are a fantastic read as well, especially the bits about timing analysis: https://www.openssh.com/txt/release-9.8
Lastly, if anyone else planning to drop SSH zero-day before summer camp, please give me a heads up, it's tough keeping a list of all of the cool research that our talk won't cover 😆
Is This the Blind Spot in K-12 Cybersecurity and Student Privacy? https://www.linkedin.com/pulse/blind-spot-k-12-cybersecurity-student-privacy-ray-zeisz-obrdc/
I really enjoy using the @trailofbits weAudit extension for VSCode; it took the place of the Bookmarks extension and markdown files for my code review work: https://blog.trailofbits.com/2024/03/19/read-code-like-a-pro-with-our-weaudit-vscode-extension/
"One Weird Trick" to find Kaspersky products in your network. Don't worry, we link the "Packing the K" video at the end:
Off-path TCP hijacking in NAT-enabled Wi-Fi networks https://blog.apnic.net/2024/06/18/off-path-tcp-hijacking-in-nat-enabled-wi-fi-networks/